<?php

	include '../utils/_connection.php';
	$var = conectar();
	session_start();

	$id = $_GET['id'];

	$sql = "SELECT * FROM articles WHERE id_article='$id'";
	$res = mysql_query($sql);
	$obj = mysql_fetch_object($res);


	if ($_POST['title'] != "")
		$obj->title = mysql_real_escape_string($_POST['title']);

	if ($_POST['abs'] != "")
		$obj->abstract = mysql_real_escape_string($_POST['abs']);

	if ($_POST['key'] != "")
		$obj->keywords = mysql_real_escape_string($_POST['key']);

	if ($_POST['content'] != "")
		$obj->content = mysql_real_escape_string($_POST['content']);

	if ($_POST['references'] != "")
		$obj->references = mysql_real_escape_string($_POST['references']);

	if ($_POST['biography'] != "")
		$obj->biography = mysql_real_escape_string($_POST['biography']);



	if ($_POST['co-authors'] != ""){
		$obj->co_authors = "";
		foreach ($_POST['co-authors'] as $co_author){
			$co_sql = "SELECT * FROM `coauthors` WHERE name = '$co_author'";
			$co_res = mysql_query($co_sql);
			$co_obj = mysql_fetch_object($co_res);

			$obj->co_authors .= "<h2>".$co_obj->name."</h2>";
			$obj->co_authors .= "<h2>".$co_obj->center."<br>"; 
			$obj->co_authors .= $co_obj->email;
			$obj->co_authors .= "<br>";
		}
	}

	$sql = "UPDATE `articles` 
		SET `title`= '$obj->title' ,
			`co_authors`= '$obj->co_authors' ,
			`abstract`= '$obj->abstract' ,
			`keywords`= '$obj->keywords' ,
			`content`= '$obj->content' ,
			`references`= '$obj->references' ,
			`biography`= '$obj->biography'
		WHERE id_article='$id' ";

	mysql_query($sql) or die (mysql_error());

	header("Location: /backend/autor/status.php");
	



?>